How to add a user to the local system by using directory services and Visual C#

This article was previously published under Q306273
For a Microsoft Visual Basic .NET version of this article, see 306271.

This article refers to the following Microsoft .NET Framework Class Library namespace:
  • System.DirectoryServices


This step-by-step article shows you how to use the DirectoryServices namespace to add a user to the local system and a group.

back to the top


  • Microsoft Windows XP, Windows 2000, or Windows NT 4.0
  • Visual C#
back to the top

Create the Sample

  1. Start Microsoft Visual Studio .NET 2003, Microsoft Visual Studio 2005, or Microsoft Visual Studio 2008, and then create a new Visual C# Console Application project.
  2. In Solution Explorer, right-click References, and then click Add Reference.
  3. Add a reference to the System.DirectoryServices.dll assembly.
  4. Replace the code in the Class1.cs file with the following code.

    Note In Microsoft Visual C# 2005 or Microsoft Visual C# 2008, the Class1.cs file is replaced by the Program.cs file.
    using System;using System.DirectoryServices;class Class1{    static void Main(string[] args)    {    try        {	 DirectoryEntry AD = new DirectoryEntry("WinNT://" + 	                     Environment.MachineName + ",computer");	 DirectoryEntry NewUser = AD.Children.Add("TestUser1", "user");	 NewUser.Invoke("SetPassword", new object[] {"#12345Abc"});	 NewUser.Invoke("Put", new object[] {"Description", "Test User from .NET"});	 NewUser.CommitChanges();	 DirectoryEntry grp;	 grp = AD.Children.Find("Guests", "group");	 if (grp != null) {grp.Invoke("Add", new object[] {NewUser.Path.ToString()});}	 Console.WriteLine("Account Created Successfully");	 Console.ReadLine();	}    catch (Exception ex)	{	 Console.WriteLine(ex.Message);	 Console.ReadLine();	}    }}					
  5. Compile and then run the project.
  6. Follow these steps on a Windows 2000-based computer to verify that the account was created and added to the Guest group:

    1. From the Start menu, point to Programs, point to Administrative Tools, and then click Computer Management.
    2. Click to expand the Local Users and Groups node. The new account should appear under the Users node, as well as under the node for the Guest group.
    Follow these steps on a Windows XP-based computer to verify that the account was created and added to the Guest group:
    1. From the Start menu, click Control Panel.
    2. Double-click User Accounts. The new user account should appear in the User Accounts dialog box.
    IMPORTANT NOTE: Remove the newly created user account from the system after you finish testing.
back to the top

Code Explanation

Create a New Directory Entry

When you create the directory entry in this sample, it is assumed that the system is running Microsoft Windows NT, Windows 2000, or Windows XP. Note that the string that is passed to the DirectoryEntry constructor begins with "WinNT://". You can also run Directory Services on other third-party operating systems.
DirectoryEntry AD = new DirectoryEntry("WinNT://" + SystemInformation.ComputerName + ",computer");				

Add the Directory Entry to the Directory Tree

The following code adds a DirectoryEntry of type user with the value of TestUser1 to the Active Directory tree.
DirectoryEntry NewUser = AD.Children.Add("TestUser1", "user");				

Set the Password and Description for the New User Account

The following code calls the Invoke method to invoke the SetPassword and Put methods of the DirectoryEntry object. This sets the password and assigns a description to the user account. This code also calls the CommitChanges method to save the changes.
NewUser.Invoke("SetPassword", new object[] {"#12345Abc"});NewUser.Invoke("Put", new object[] {"Description", "Test User from .NET"});NewUser.CommitChanges();				

Add the Account to a Group

To add the account to a group, follow these steps:
  1. Define a variable of type DirectoryEntry.
  2. Call the Find method of the Children member of the ActiveDirectory class to populate the variable.In this case, the Guest group is the target of the search. This code tests the value that the Find method returns to determine if the group has been found. If the group is found, the new user account is added to the group.
DirectoryEntry grp;grp = AD.Children.Find("Guests", "group");if (grp != null) {grp.Invoke("Add", new object[] {NewUser.Path.ToString()});}				
back to the top


The code in this article fails if you try to run the code without the sufficient privileges to create a user account. For the code to complete successfully, the currently logged on user must be a member of the Administrators group or have specific permissions that allow the user to create user accounts.

back to the top

Αναγνωριστικό άρθρου: 306273 - Τελευταία αναθεώρηση: 12/11/2006 21:04:41 - Αναθεώρηση: 2.4

Microsoft Visual C# 2008 Express Edition, Microsoft Visual C# 2005, Microsoft Visual C# .NET 2002 Standard Edition

  • kbhowtomaster KB306273